package org.apache.jetspeed.security.impl;

import java.security.Principal;
import javax.security.auth.Subject;
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
import org.apache.jetspeed.pipeline.valve.SecurityValve;
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.JetspeedSubjectFactory;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserSubjectPrincipal;
import org.apache.jetspeed.statistics.PortalStatistics;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.3.0.jar:org/apache/jetspeed/security/impl/SecurityValveImpl.class */
public class SecurityValveImpl extends AbstractSecurityValve implements SecurityValve {
    private static Logger log = LoggerFactory.getLogger(SecurityValveImpl.class);
    private UserManager userMgr;
    private PortalStatistics statistics;

    public SecurityValveImpl(Profiler profiler, UserManager userManager, PortalStatistics portalStatistics, PortalAuthenticationConfiguration portalAuthenticationConfiguration) {
        this.userMgr = userManager;
        this.statistics = portalStatistics;
        this.authenticationConfiguration = portalAuthenticationConfiguration;
    }

    public SecurityValveImpl(Profiler profiler, UserManager userManager, PortalStatistics portalStatistics) {
        this.userMgr = userManager;
        this.statistics = portalStatistics;
    }

    public SecurityValveImpl(Profiler profiler, UserManager userManager) {
        this.userMgr = userManager;
        this.statistics = null;
    }

    public String toString() {
        return "SecurityValve";
    }

    @Override // org.apache.jetspeed.security.impl.AbstractSecurityValve
    protected final Subject getSubject(RequestContext requestContext) throws Exception {
        Principal principal;
        Principal userPrincipal = getUserPrincipal(requestContext);
        Subject subjectFromSession = getSubjectFromSession(requestContext);
        if (subjectFromSession != null && ((principal = SubjectHelper.getPrincipal(subjectFromSession, User.class)) == null || !principal.getName().equals(userPrincipal.getName()))) {
            subjectFromSession = null;
        }
        if (subjectFromSession == null) {
            subjectFromSession = resolveSubjectFromContext(requestContext, userPrincipal);
        }
        if (subjectFromSession == null) {
            try {
                User user = this.userMgr.getUser(userPrincipal.getName());
                if (user != null) {
                    subjectFromSession = this.userMgr.getSubject(user);
                }
            } catch (SecurityException e) {
                if (userPrincipal.getName().equals(this.userMgr.getAnonymousUser())) {
                    throw e;
                }
                log.error("Unknown user Principal " + userPrincipal.getName() + ": creating a default subject without any roles", (Throwable) e);
                subjectFromSession = JetspeedSubjectFactory.createSubject(this.userMgr.newTransientUser(userPrincipal.getName()), null, null, null);
            }
        }
        if (this.statistics != null && requestContext.getSessionAttribute(IP_ADDRESS) == null) {
            this.statistics.logUserLogin(requestContext, 0L);
            requestContext.setSessionAttribute(IP_ADDRESS, requestContext.getRequest().getRemoteAddr());
        }
        return subjectFromSession;
    }

    @Override // org.apache.jetspeed.security.impl.AbstractSecurityValve
    protected Principal getUserPrincipal(RequestContext requestContext) throws Exception {
        Principal userPrincipal = requestContext.getRequest().getUserPrincipal();
        if (userPrincipal == null) {
            userPrincipal = this.userMgr.newTransientUser(this.userMgr.getAnonymousUser());
        }
        return userPrincipal;
    }

    protected Subject resolveSubjectFromContext(RequestContext requestContext, Principal principal) {
        if (principal.getName().equals(this.userMgr.getAnonymousUser())) {
            return null;
        }
        return principal instanceof UserSubjectPrincipal ? ((UserSubjectPrincipal) principal).getSubject() : resolveSubjectFromContainerPrincipal(requestContext, principal);
    }

    protected Subject resolveSubjectFromContainerPrincipal(RequestContext requestContext, Principal principal) {
        return null;
    }
}
